Skills
skills/khaki4/my_skills/bf-update-conventions/Gen Agent Trust Hub

bf-update-conventions

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses system commands to interact with local repository history.
  • Evidence: The instructions specify using git log to extract patterns from commit messages and git commit to finalize updates to documentation files. These are appropriate and expected operations for this skill's context.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) due to its data processing model.
  • Ingestion points: It reads untrusted textual data from docs/archive/{TICKET}/reviews/*.md and git log output.
  • Boundary markers: The process lacks explicit delimiters or specific instructions for the agent to ignore any embedded commands within the review data.
  • Capability inventory: The skill is authorized to modify sensitive instruction-bearing files, including docs/conventions.md (used as a rule source) and CLAUDE.md.
  • Sanitization: There is no specified logic to sanitize or validate the patterns extracted from the external logs before they are appended to the project's convention documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 08:22 AM